Solved

PIX firewall and tab key, web based, ssh access

Posted on 2006-11-05
3
886 Views
Last Modified: 2013-11-16
I have got couple questions regarding cisco pix firewall 525

1- pix at work was already configured to use telnet from 192.168.x.x to inside interface. I want to enable ssh instead of telnet , I want to enable ssh for all internal ip addresses (not only a specific one) to inside interface. Am I doing the right thing by using the command below :
ssh 0.0.0.0 0.0.0.0 inside

2- Shouldn't tab key work to complete a command when I do configuration ?I do not why I can not use it

3- Isn't there integrated Web-based management tool ( PIX Device Manager (PDM) ), how can I enable that to be used ?

Regards

0
Comment
Question by:zillah
  • 2
3 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17877329
>ssh 0.0.0.0 0.0.0.0 inside
Yes, this is correct.
You can also disable telnet to it by removing the telnet 192.168.x.x 255.255.255.255 inside

Tab key works in Cisco IOS on routers. PIX OS is not IOS and not all features are the same

Yes, there is a PDM GUI. What version PIX OS? "show ver" will tell you. PDM only works with 6.x
Show ver from mine:

Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)

PDM is already installed. If your output does not show the PDM version, then it may not be installed.
You install it almost the same way as updating the OS:
Assuming you have the pdm-xxx.bin image on your tftp server (you'll have to download from CCO if you don't)
 copy tftp://1.2.3.4/pdm-304.bin flash:pdm

Then enable access by adding similar to telnet and ssh:
 http 0.0.0.0 0.0.0.0 inside

To access the GUI:
  https://<ip of pix>   <== notice https not http
0
 

Author Comment

by:zillah
ID: 17877758
[quote]
Cisco PIX Firewall Version 6.3(5)
Cisco PIX Device Manager Version 3.0(4)
[/quote]

mine is same :
Cisco PIX Firewall Version 6.3 (5)
Cisco PIX Device Manager Version 3.0 (4)


[quote]
Then enable access by adding similar to telnet and ssh:
http 0.0.0.0 0.0.0.0 inside
[/quote]
Do I need to enable http or https on the PIX ? , because as you have advised to use : "<== notice https not http"  ?
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 17878228
You only enable http, but you must access it with https from your browser. You also need to have Java Runtime or J2SE installed on your PC.
Also make sure you have this in the PIX:
 http server enable
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Difference between Cisco Multichassis Etherchannel and VSL 6 58
Cisco Prime and Maps 3 36
Cisco UCS: C-Series, bios failed power-on self test 2 22
nexus filter logs 3 29
Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now